Cloud computing data are vulnerable to be theft illegally and tampered maliciously. To solve these problems, a Dynamic Updating Ciphertext-Policy Attribute-Based Encryption (DU-CPABE) scheme which enables both data dynamic updating and security protection was proposed. Firstly, by using linear partitioning algorithm, data information was divided into fixed size blocks. Secondly, the data blocks were encrypted by using Ciphertext-Policy Attribute-Based Encryption (CP-ABE) algorithm. Finally, based on conventional Merkle Hash Tree (MHT), an Address-MHT (A-MHT) was proposed for the operation of dynamically updating data in cloud computing. The theoretical analysis proved the security of the scheme, and the simulation in ideal channel showed that, for five updates, compared with CP-ABE method, the average time overhead of data update was decreased by 14.6%. The experimental results show that the dynamic updating of DU-CPABE scheme in cloud computng services can effectively reduce data update time and system overhead.

The open and dynamic characteristics of cloud computing environment is easy to cause security problems, so security of the data resource and the privacy of user are facing severe challenges. According to the characteristics of dynamic user and data resources in cloud computing, a context and role based access control model was proposed. This model took context information and context restrict of cloud computing environment into account, and evaluated the user access request and the authorization policy in server, which could dynamically grant user's permission. The implementation process of cloud users accessing the resource were given, and the analysis and comparison further illuminated that the model has more advantages in the aspect of access control. This scheme can not only reduce the complexity of management, but also limit the privileges of cloud service providers, so it can effectively ensure the safety of cloud resources.